<?php session_start(); ?>
<?php
 if(!$_SESSION['uname']){
  echo "你没有权限访问此页面!";
  return false;
}
?>
<?php include("../inc/db_config.inc"); ?>
<?php
if(isset($_REQUEST['oldpassword'])&&$_REQUEST['oldpassword']!=""){
    $s_oldpassword=$_REQUEST['oldpassword'];
}else{
    echo "旧密码不能为空<a href='javascript:history.back()'>返回</a>";
    return false;
}
if(isset($_REQUEST['newpassword'])&&$_REQUEST['newpassword']!=""){
    $s_newpassword=$_REQUEST['newpassword'];
}else{
    echo "新密码不能为空<a href='javascript:history.back()'>返回</a>";
    return false;
}
if(isset($_REQUEST['repassword'])&&$_REQUEST['repassword']!=""){
	$repassword=$_REQUEST['repassword'];
	
    if($repassword==$s_newpassword){
       $s_repassword=$repassword; 
    }else{
        echo "两次密码不一致,请重新输入!<a href='javascript:history.back()'>返回</a>";
        return false;
    }
    
}else{
    echo "请重复新密码<a href='javascript:history.back()'>返回</a>";
    return false;
}

date_default_timezone_set("Asia/Shanghai"); //北京时间
$s_old=mysql_query("select password from user where id=1");
if(mysql_affected_rows()>0){
    $s_row=mysql_fetch_array($s_old);
    $oldp=$s_row['password'];
    if($oldp!=$s_oldpassword){
        echo "旧密码错误!<a href='javascript:history.back()'>返回</a>";
        return false;
    }else{
        $s_update=mysql_query("update user set password='$s_newpassword' where id=1");
        if(mysql_affected_rows()>0){
            echo "密码更新成功!页面会在1秒钟后自动返回.<script type='text/javascript'>setTimeout(function(){history.back()},1000)</script>";
        }else{
            echo "更新失败!<a href='javascript:history.back()'>返回</a>";
        }
    }
}

 ?>